Jukka Zitting wrote: > Hi, > > On Thu, Nov 26, 2009 at 1:17 AM, Marshall Schor <m...@schor.com> wrote: > >> It is in the usual place, >> http://people.apache.org/~schor/uima-release-candidates/2.3.0-RC3/ >> > > I finally got around to taking a look at the release packages. > > The biggest issue I stumbled over is the fact that the uimaj release > package [1] doesn't seem to match the contents of the svn tag at [2]. > I didn't check yet the other source packages, as I may well be > overlooking something obvious. > Can you say a bit more what the mismatch seems to be? This may be due to the fact that the source tarball is a subset of what's in SVN. Our build process for a release does do an extract and build from the tag, so the files that are there should match... > PS. It would be nice to have the GPG key available on a public key > server, see [3] for how to do that. > The signing key was uploaded to the MIT public server quite a while ago. Can you say how you were looking for it? Just now I went to pgp.mit.edu and looked for the signing key, using as a search argument marshall schor and found the code signing key 2 as the top hit (which is the one I hope I signed things with...)
> PPS. The copyright year in the NOTICE files should be updated to 2009. > Thanks - I'm fixing all of these, plus changing the publication date in our pubs to December, 2009. (Was November...). -Marshall > [1] > http://people.apache.org/~schor/uima-release-candidates/2.3.0-RC3/uimaj/uimaj-2.3.0-incubating-src.tar.gz > [2] > http://svn.apache.org/repos/asf/incubator/uima/uimaj/tags/uimaj-2.3.0/uimaj-2.3.0-03/ > [3] http://www.apache.org/dev/release-signing.html#keyserver-upload > > BR, > > Jukka Zitting > > >
